Help - Search - Members - Calendar
Full Version: User Accounts and Stealth Progs
Dumpshock Forums > Discussion > Shadowrun
Nexushound
Oi Chums,

Say I had a node with 3 user accounts, 1 Security account and no Admin accounts and everyone who was supposed to be there was logged in. A Hacker beats my Encryption, disarms my Data Bomb and logs on with a User account. I would know that there is a hacker because there was one to many accounts active or would I? Would the Stealth program hide both his Icon and the Log account requiring me to make a Matrix Perception check?
Ascalaphus
QUOTE (Nexushound @ Dec 9 2009, 10:03 AM) *
Oi Chums,

Say I had a node with 3 user accounts, 1 Security account and no Admin accounts and everyone who was supposed to be there was logged in. A Hacker beats my Encryption, disarms my Data Bomb and logs on with a User account. I would know that there is a hacker because there was one to many accounts active or would I? Would the Stealth program hide both his Icon and the Log account requiring me to make a Matrix Perception check?


As long as his Stealth functions, you wouldn't realize that there's a user too many (or more than one user logged in under the same account.)
Nexushound
Oi Ascalaphus,

Thanks. Just wondering. I was checking Unwired under System Topology and Limiting Account Privileges. Could I then use a Matrix Perception on the Account Log to notice the Intrusion?
Rotbart van Dainig
Actually, if you monitor account usage and he uses an actual account, you would indeed know.

Normal hacking, however, won't result in an actual account, just the privileges equivalent to such an account.
Nightfalke
QUOTE (Rotbart van Dainig @ Dec 9 2009, 03:55 AM) *
Actually, if you monitor account usage and he uses an actual account, you would indeed know.

Normal hacking, however, won't result in an actual account, just the privileges equivalent to such an account.


QFT.

It's a different story if he used lead-pipe hacking ("Give me your username and password or I beat you with this lead pipe") in which he is using an actual account on the node. That you could track using this system...but a standard hack (without the lead pipe) is finding an exploit in the system that gives you those access priviliges without actually making an account.
MikeKozar
It would be reasonable to assume the system would flag a duplicate login, either denying access to the new user or booting the old one.

I tend to assume lots of the details like this are covered in the analyse/stealth arms race and just let the dice handle it. The PCs are coming up with cunning tricks, but so are the opposition. If you really enjoy that sort of micromanaging, or if you have a lot of RL computer security specialists at the table, go for it...but I try to keep it simple to stop the matrix stuff from taking over the whole game, especially since it generally splits the party.
LurkerOutThere
QUOTE (Rotbart van Dainig @ Dec 9 2009, 03:55 AM) *
Actually, if you monitor account usage and he uses an actual account, you would indeed know.

Normal hacking, however, won't result in an actual account, just the privileges equivalent to such an account.


Which if someone is actively monitoring the security log they might see the errors and other problems associated with those privledges not being tied to a valid account at least when they start to do actions that affect the node.
tagz
QUOTE (MikeKozar @ Dec 9 2009, 09:50 PM) *
It would be reasonable to assume the system would flag a duplicate login, either denying access to the new user or booting the old one.


deny the new one entry

QUOTE
p110 Unwired
Copied Agents and IDs
Note that when an agent program is copied, the access ID
built into the agent is copied as well. This means that any copies
of the agent will have the same access ID. This is not a problem
when a hacker is running such copies simultaneously from his
persona (as his access ID is used in that case), or if the copies are
operating autonomously in independent nodes. If a copy tries
to access a node on which an agent with the same access ID is
already running, however, the node will automatically refuse ac-
cess (even if the agent tries to hack his way in, the attempt
will automatically fail).
This security feature both deters
piracy and prevents mass invasions by agent mooks (the
so-called “Agent Smith” scenario).
A copied agent may be patched in order to give it a
separate unique access ID with a Logic + Software (Rating
x 3, 1 week) Extended Test.

I believe the same can be assumed for all access IDs as there is no real distinction between an agent's ID and a persona's other then it's origin.

QUOTE
p225 SR4A
Authorization and Authentication
In order to allow you access to anything beyond a public account, the
node must be given three things. The first is your access ID, which
is automatically given when you log on.
Second, the node must have
your access ID associated with an access level/account privileges (for
example, your soycaf dispenser will have your access ID on a list that
shows that you have an admin account on its node); this is called authorization.

Third, you must have some way of proving you are the
person who has the authorization in question; this is authentication.
There are a number of methods a node can employ to authenticate
users. For low-security nodes like can openers or corporate restrooms,
the access ID alone is enough.
A node could demand a basic passcode before permitting entry.
Basic passcodes consist of sets of symbols that you enter to log on to
a node. The most common passcodes are alphanumeric strings, but
thanks to augmented and virtual reality, passcode “symbols” can...


Basically as I read this, to get into someone else's account, even if obtained by social engineering, you have to first spoof your Access ID to match, otherwise it's like trying to log in with the wrong username. I figure most groups probobly don't even bother with the Hacking + Software(2) test when doing this and just assume they log in with that ID. However this makes it so that if that user is currently on the hacker can't log in, or if the hacker is in the actual user can't log in. A fun thing to play with really.

User: "Hey, is this tech support? I seem to be having trouble logging in. I'm using the right password and everything."
Security Spider: "Whats your Access ID sir?"
User: "1234567890"
Spider: "According to this you're already logged in."
User: "Well I'm NOT."
Spider puts user on hold to check it out.
Mongoose
Which makes me wonder why most of the stuff you and I own would even HAVE accounts. I suppose it needs to so other stuff can pass it info (your smartgun needs an account on your image link, etc) but for some things, limiting it to just an admin account almost makes sense.
LurkerOutThere
You don't need accounts to pass traffic, the joys of mesh technology
Ascalaphus
QUOTE (MikeKozar @ Dec 9 2009, 10:50 PM) *
It would be reasonable to assume the system would flag a duplicate login, either denying access to the new user or booting the old one.


Many contemporary network-based systems currently allow the same account to be logged into different terminals. It's not guaranteed this will change in the future; occasionally it has it's uses. (A "generic client" visitor account, for example.)


As for the Agent Access ID: it looks like a desperate rules patch. What if the agent spoofs his Access ID (instead of a peculiarly labourious software change)?
tagz
Preceding paragraph says it can be but it has to be done as it's being loaded. Once it's running it cannot be changed. This means an agent can't change their own access ID, but you are free to.
Mongoose
QUOTE (LurkerOutThere @ Dec 10 2009, 01:08 AM) *
You don't need accounts to pass traffic, the joys of mesh technology


I meant to pass info the destination could use. If your smartgun doesn;t have an account on your vision link, how does the link know to display the data its sending, instead of every other bit of data zooming through the air?


QUOTE (Ascalaphus @ Dec 10 2009, 01:37 AM) *
Many contemporary network-based systems currently allow the same account to be logged into different terminals. It's not guaranteed this will change in the future; occasionally it has it's uses. (A "generic client" visitor account, for example.)


Heh, I do that in the computer lab here at school. Log in to two comps side by side, and multi-task like a fool.
Method
QUOTE (tagz @ Dec 9 2009, 03:24 PM) *
However this makes it so that if that user is currently on the hacker can't log in, or if the hacker is in the actual user can't log in. A fun thing to play with really.
Good call. What a wonderfully random complication for a Matrix-based run.
etherial
QUOTE (Unwired, p. 110)
Copied Agents and IDs
Note that when an agent program is copied, the access ID
built into the agent is copied as well. This means that any copies
of the agent will have the same access ID. This is not a problem
when a hacker is running such copies simultaneously from his
persona (as his access ID is used in that case), or if the copies are
operating autonomously in independent nodes. If a copy tries
to access a node on which an agent with the same access ID is
already running, however, the node will automatically refuse ac-
cess (even if the agent tries to hack his way in, the attempt
will automatically fail). This security feature both deters
piracy and prevents mass invasions by agent mooks (the
so-called “Agent Smith” scenario).
A copied agent may be patched in order to give it a
separate unique access ID with a Logic + Software (Rating
x 3, 1 week) Extended Test.


Whoever wrote that passage has clearly never used UNIX. It's not only possible to log in multiple times as the same user, it's extraordinarily useful.
LurkerOutThere
Well to be fair this is clearly something done froma game balance perspective and not a actual computer use. If your trying to work matrix tech from a real world computer perspective your just going to give yourself a headache.
Ascalaphus
QUOTE (LurkerOutThere @ Dec 10 2009, 03:54 AM) *
Well to be fair this is clearly something done froma game balance perspective and not a actual computer use. If your trying to work matrix tech from a real world computer perspective your just going to give yourself a headache.


It would have been nice if it didn't directly contradict realistic technology though. The kind of limits they come up for game balance all seem haphazard, illogical and easily circumvented.
Mongoose
QUOTE (etherial @ Dec 10 2009, 02:42 AM) *
Whoever wrote that passage has clearly never used UNIX.


Or they didn't assume that The computer OS of 2070 is the same as one made 100 years earlier. Sure, principles of design might not change, but then again, who knows?
Also, its a GAME. Lots of stuff gets done for that reason, and as nothing to do with "realism".
etherial
QUOTE (Mongoose @ Dec 10 2009, 01:22 PM) *
Or they didn't assume that The computer OS of 2070 is the same as one made 100 years earlier. Sure, principles of design might not change, but then again, who knows?
Also, its a GAME. Lots of stuff gets done for that reason, and as nothing to do with "realism".


The fundamental paradigm of modern computing is more is better. That especially applies to internet connectivity. I wasn't assuming that the computers of the future used UNIX, just that you could get away with not realizing how integral multiple connections are if you had only used Windows or Mac OS.
Rotbart van Dainig
Just. Don't. Go. There.
Tymeaus Jalynsfein
QUOTE (etherial @ Dec 9 2009, 07:42 PM) *
Whoever wrote that passage has clearly never used UNIX. It's not only possible to log in multiple times as the same user, it's extraordinarily useful.



In fact, I do it all the time on a Unix System... Unfortunately, our system architecture is changing, and the new environment does not allow this... it is quite frustrating...

Keep the Faith
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012